Radio Frequency Identification (RFID) systems comprise three main components: an RFID tag or transponder, an RFID reader or transceiver, and an RFID processing infrastructure. An RFID transponder is a device with a microchip that stores data and is capable of radio frequency communication. An RFID transceiver is a device used to read data from and/or write data to an RFID transponder using radio frequency communication. The RFID processing infrastructure is a processing subsystem that makes use of the transponder data obtained by the transceivers of the RFID system.
RFID transponders range in capability from simple passive devices that carry minimal identifier data to active devices with larger storage and computing capability. Both passive and active transponders communicate to a transceiver when they are interrogated by the transceiver. RFID transponders are often affixed to objects, such as consumer goods, and when used in combination with the transceivers and the RFID infrastructure allow for the storage and retrieval of data associated with those objects.
A major security issue arises in RFID based systems due to the storage and retrieval of RFID transponder data occurring through the use of radio transmissions and involving no physical contact. Utilization of radio transmissions allows communication signals from an RFID transponder to be accessed by any transceiver within the vicinity of the transponder. Currently there is no way to track or prevent these accesses. As the use of RFID transponders becomes more prevalent in the retail industry as well as other consumer oriented industries, this ability to easily access transponders will become a major privacy and security concern.
Given possible access to communication signals from a transponder, there are two main areas of focus for security measures in RFID systems. The first area of focus is the prevention of access to data or capability of an RFID transponder from unauthorized RFID transceivers. The second area of focus is the prevention of unauthorized listeners from discovering the identification (RFID) associated with an RFID transponder.
There are several known security mechanisms for addressing both of these aspects of RFID system security. These security mechanisms were developed based upon some assumptions about the operational constraints of a viable RFID system.
One assumption is that RFID transponders need to be simple and cheap and hence tend to be passive, provide simply read-only capability, and contain only a few hundred bits of storage.
Another assumption is that low cost RFID transponders have limited processing capability.
Another assumption is that the operating range of a passive RFID transponder is constrained to a backward channel range of a few meters. The RFID transceivers, however, have a significantly larger broadcast range, the forward channel range, that may be monitored from as far away as 100 meters.
Some examples of security mechanisms include hash-based access control, randomized access control, Silent Tree Walking, Blocker tags, and maintaining sensitive data at a control location in the RFID infrastructure.
Hash-based access control requires support for hashing on the RFID transponder and also the secure distribution of a secret ‘key’ to allow authorized transceivers to unlock the transponder. Once unlocked, the transponder allows the transceiver access to all of its functionality. This access control method is susceptible to two kinds of attack that may give unauthorized transceivers access to the transponder. First, an unauthorized listener may be placed within the forward channel range of an authorized RFID transceiver to capture the transmission of the secret ‘key’. Second, an unauthorized transceiver may retrieve the transponder's metaID through an open query of the transponder. The metaID is the hash of the secret key, metaID = hash(key), while the ID is the original RFID; checking that the RFID and metaID pair match allows the infrastructure to detect RFID spoofing. The captured metaID may then be transmitted to an authorized transceiver, which will return the secret ‘key’ for capture, unknowingly creating a breach in security. In each of these cases the captured secret ‘key’ may then be used by an unauthorized transceiver to unlock the transponder. Also, since the metaID remains constant for any one transponder, the transponder may be tracked by this value, which presents a privacy issue.
Randomized access control is a security mechanism directed at preventing the attacks that may be launched against systems using the hash-based access control model. In randomized access control a pseudo-random number function is included on the transponder to generate random values. Each random value is combined with the transponder's ID and hashed by the transponder to create a random metaID. The random value and the metaID are both sent by the transponder when it is queried by a transceiver. If the transceiver is authorized, it relays the values to the RFID infrastructure, where an exhaustive search over a known list of valid IDs is used to recover the original ID. Although this method prevents the replay attack that may occur with the hash-based model and solves the privacy issue of a constant metaID, it is still susceptible to the listener attack: although hashing is a one-way function, it is not cryptographic, and bits of the ID may be determined by listening to multiple exchanges. This solution is also limited in scalability because of the exhaustive search used to derive the secret ‘key’. If the number of transponders managed by an RFID infrastructure is large, the performance of the system will suffer significantly.
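The two schemes above, modelled side by side as an added example (this is illustrative code, not part of the original text): SHA-256 is assumed to stand in for the transponder's hash function, an 8-byte nonce for its pseudo-random output, and the backend search returns the number of hashes it computed so the scalability cost is visible.

```python
import hashlib
import os


def h(data: bytes) -> bytes:
    """Hash assumed available on the transponder; SHA-256 stands in for it."""
    return hashlib.sha256(data).digest()


class HashLockTag:
    """Hash-based access control: the tag holds ID and metaID = hash(key).
    While locked it answers every open query with the same metaID."""

    def __init__(self, tag_id: bytes, key: bytes):
        self.tag_id = tag_id
        self.meta_id = h(key)
        self.locked = True

    def query(self) -> bytes:
        return self.meta_id  # constant per tag: usable as a tracking value

    def unlock(self, key: bytes) -> bool:
        # The tag unlocks for anyone presenting a key that hashes to metaID,
        # so a key captured on the forward channel works as well as the real one.
        if h(key) == self.meta_id:
            self.locked = False
        return not self.locked


class RandomizedHashLockTag:
    """Randomized access control: each query yields (r, hash(ID || r)),
    so two answers from the same tag are unlinkable without the ID."""

    def __init__(self, tag_id: bytes):
        self.tag_id = tag_id

    def query(self):
        r = os.urandom(8)  # assumed on-tag pseudo-random value
        return r, h(self.tag_id + r)


def backend_resolve(meta_id: bytes, r: bytes, known_ids):
    """Infrastructure-side exhaustive search over the list of valid IDs.
    Returns (matched ID or None, hashes computed); the work grows linearly
    with the number of managed transponders."""
    work = 0
    for tid in known_ids:
        work += 1
        if h(tid + r) == meta_id:
            return tid, work
    return None, work
```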
Silent Tree Walking and Backward Channel Key Negotiation are security mechanisms that may be employed to limit the effectiveness of unauthorized listener attacks. Each of these methods implements a protocol that prevents an unauthorized listener from gaining information about a transponder by listening only to the forward channel transmissions. This defeats remote listeners that can easily pick up the stronger transceiver signals, but it does not prevent an attack by listeners within range of the transponder's backward channel transmissions.
The use of blocker tags is a security mechanism that helps to prevent privacy violations. A blocker tag is a special RFID transponder that prevents RFID transceivers from gathering data from other transponders in its immediate vicinity; without it, any RFID transceiver could query any transponder. In a consumer retail environment a blocker tag would prevent retailers or other companies from reading the transponders on any merchandise a customer may be carrying, thus protecting the consumer's privacy. It is unclear how blocker tags could be appropriately controlled to prevent their misuse, such as using blocker tags to block transponders that should remain readable for security purposes.
A final security mechanism concentrates on protecting the data associated with a transponder. In this mechanism it is assumed that the transponder provides an RFID that may be used to look up information about the physical object to which the transponder is attached. This information is maintained in the RFID infrastructure and not on the transponder itself. Transceiver authorization combined with infrastructure access control is used to prevent distribution of the data to unauthorized transceivers. This mechanism only secures information that is centralized in the RFID infrastructure and provides no protection for any data that may be stored on the RFID transponder. It also does not prevent tracking of an object based on its RFID.